The vulnerability identified as CVE-2024-22151 in Codection's Import and export users and customers component is classified as CWE-862 (Missing Authorization). It affects versions up to 1.24.6 and allows unauthorized access to import and export functionalities, potentially enabling unauthorized modification or extraction of user and customer data. The CVSS 3.1 base score is 5.3, indicating a medium level of risk with network attack vector, no privileges required, and no user interaction needed. No official remediation or patch has been published by the vendor at this time.

The impact of this vulnerability is limited to unauthorized modification of data integrity related to users and customers, as indicated by the CVSS vector (no confidentiality or availability impact). Exploitation could lead to unauthorized changes in user or customer data through import/export operations. There are no known active exploits reported, and no direct evidence of confidentiality or availability compromise.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or temporary mitigation has been published, organizations should restrict access to the affected import/export functionality to trusted users only and monitor for unusual activity related to user and customer data management. Apply vendor patches promptly once available.